Online or electronic security is a major issue in the industry. It seems a month does not go by without news of some major business having a security breach. Such breaches include government agencies, retail outlets, social media companies, and even major banks.
Whenever an enterprise believes that a secure fix to remedy a breach has been deployed, hackers quickly figure out a new way to breach their systems. In some cases, the breaches are not even within the systems of the enterprise; rather, the breaches can occur over network transmission lines that enter or exit the enterprise systems; the hackers use sniffing techniques to acquire copies of data packets being transmitted over the network lines and find a way to break any encryption being used (assuming encryption was being used).
Cryptographic systems are in a continuous state of change. While cryptographic techniques and concepts may not vary all that much over time—algorithms, key types and key sizes do frequently change to keep up with improvements in computing power and cryptographic research that yields practical attacks possible for mainstream algorithms.
To clarify this point, cryptographic techniques and concepts such as: Diffie-Hellman key exchange, Public Key Infrastructure, hashing, signing/verifying, encrypting/decrypting and chaining have been around for a long time and continue to be first class citizens of cryptography. However, just looking at the hashing functions, one notices that over the past few decades the industry has progressively improved hashing algorithms, such as: Message Digests (MD2, MD4, MD5, RIPEMD (RACE Integrity Evaluation Message Digest)) and Secure Hash Algorithms (SHA-0, SHA-1, SHA-2 (SHA-224/256/384/512) and now SHA-3). Similarly in symmetric encryption the industry has experienced a steady progression in algorithmic improvements, such as: DES (Date Encryption Standard), Rivest Ciphers (RC2 and RC), Triple DES (3DES), Twofish (a symmetric key block cipher), and Advanced Encryption Standard (AES). In the asymmetric encryption space improvements have been made to such things as: Pretty Good Privacy (PGP), Rivest-Shamir-Adleman (RSA) and Elliptic Curve Cryptography (ECC) to name just a few.
But, updating internal systems to accommodate improved algorithms, key types, and key sizes are expensive manually-intensive efforts for an enterprise often requiring updates to devices and software throughout the enterprise.
Therefore, there is a need for improving cryptographic deployments within an enterprise.